<?php
session_start();
require_once("../includes/public.inc.php");
//require_once("login_check.php");
$s=isset($_GET['s'])?$_GET['s']:'';
$type = isset($_GET['type'])?$_GET['type']:'';
$openid = isset($_GET['openid'])?$_GET['openid']:'';
$username = isset($_SESSION['username'])?$_SESSION['username']:'';
$password = isset($_SESSION['password'])?$_SESSION['password']:'';
$user_op = mysql_fetch_array(mysql_query("select * from ".DBQIAN."users where openid='".$openid."' order by id desc limit 1"));
if (!$user_op)
{
	if (!$username)
	{
		echo "<script>alert('你还没登录呢!');window.parent.location.href='login.php?type=hy';</script>";
	}	
}
else 
{

	if ($type=='hy')
	{
		$user = mysql_fetch_array(mysql_query("select * from ".DBQIAN."users where username='".$username."' or openid='".$openid."' order by id desc limit 1"));
		if ($s)
		{
			if (!is_numeric($s)) 
			{ 
			 	echo "<script>alert('防伪码只能是数字');history.back();</script>";	
			}
			if(strlen($s)>10&&strlen($s)<17)
			{
				if(!empty($user))
				{
					$exist_fwm = mysql_fetch_array(mysql_query("select * from ".DBQIAN."fwm where fwm='".$s."' and hystatus=0 order by id desc limit 1"));
					if ($exist_fwm)
					{
						if ($openid)
						{
							$daogou = mysql_fetch_array(mysql_query("select * from ".DBQIAN."users where wx_openid='".trim($ucode)."' order by id desc limit 1"));
						}
						//修改fwm表hystatus为1 修改users表积分，增加积分记录表的积分记录；算出积分和也可以也可以在之前的基础上添加这些
						//echo "UPDATE ".DBQIAN."fwm SET hystatus=1,hytime='".date('Y-m-d H:i:s', time())."' where fwm ='".$s."'";exit;
						$hystatus =  mysql_query("UPDATE ".DBQIAN."fwm SET hystatus=1,hytime='".date('Y-m-d H:i:s', time())."' where fwm ='".$s."'");
						$usercredit = mysql_query("UPDATE ".DBQIAN."users SET credit=credit+".($exist_fwm['credit']*10)." where username='".$user['username']."'");
						$creditrecord = mysql_query("insert into ".DBQIAN."creditrecord(username,credit,prex,time,fwm,product_id) values('".$user['username']."',".($exist_fwm['credit']*10).",'','".date('Y-m-d H:i:s',time())."','".$s."',0)");
						if ($creditrecord&&$usercredit&&$hystatus)
						{
							echo "<script>alert('积分领取成功！');window.location.href='index.php';//history.back();</script>";	
							exit;
						}
						else
						{
							//print_r($exist_fwm);exit;
							$users = mysql_fetch_array(mysql_query("select * from ".DBQIAN."users where username='".$username."' order by id desc limit 1"));
							mysql_query("delete from ".DBQIAN."creditrecord where fwm='".$s."'");
							mysql_query("update ".DBQIAN."fwm set hystatus=0,hytime='".date('Y-m-d H:i:s', time())."' where fwm ='".$s."'");
							if ($users['credit']>$user['credit'])
							{
								mysql_query("update ".DBQIAN."users set credit=credit-".($exist_fwm['credit']*10)." where username=.'".$username."'");
							}
							echo "<script>alert('积分领取失败！');window.location.href='index.php';</script>";	
							exit;
						}
					}
					else 
					{
						$exist_fwm1 = mysql_fetch_array(mysql_query("select * from ".DBQIAN."fwm where fwm='".$s."' and hystatus=1 order by id desc limit 1"));
						if ($exist_fwm1)
						{
							echo "<script>alert('积分已经被领取！');window.location.href='index.php';</script>";	
							exit;
						}
						else 
						{
							echo "<script>alert('没有该防伪码，请谨慎使用该产品！');window.location.href='index.php';</script>";	
							exit;
						}
					}
				}
				else 
				{
					echo "<script>alert('亲你还没有登录领取哦哦');history.back();</script>";	exit;
				}
			}
			else 
			{
				echo "<script>alert('防伪码要11到16位之间');history.back();</script>";exit;
			}
		}
		else 
		{
			echo "<script>alert('防伪码不能为空');history.back();</script>";exit;
		}
	}
}
?>

